FYI for those attending BSDCan and interested in some of the security
feature development going on for FreeBSD right now...
Robert N M Watson
-- Forwarded message --
Date: Thu, 28 Apr 2005 21:39:31 +0100 (BST)
From: Robert Watson <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
S
On Tue, 24 May 2005, Pawel Jakub Dawidek wrote:
This patch gives another option, so one doesn't need to use a firewall for
this purpose. It adds new idtype - 'jid'. With this patch, one can
configure that jail with the given JID can use only defined ports:
# sysctl security.mac.portacl.r
these accomplishments:
Eivind Eklund, Julian Elischer, Chris Faulhaber, Bill Fumerola, Daniel
Harris, Trevor Johnson, Remko Lodder, Simon Nielsen, Christian Peron,
Wes Peters, Josef El-Rayes, Tom Rhodes, Gregory Shapiro, Bruce Simpson,
Dag-Erling Smørgrav, and Robert Watson. Several of our previous
sec
The FreeBSD ACL implementation is currently based on a late POSIX.1e
draft, and is similar in functionality to the ACL support in Solaris,
IRIX, and Linux. It was developed along a similar timeline to the Linux
ACL support, and Andreas and I chatted a fair amount along the way so the
paralle
On Sun, 27 Nov 2005, Peter Jeremy wrote:
or "How do I know my copy of FreeBSD is the same as yours?"
I have recently been meditating on the issue of validating X.509 root
certificates. An obvious extension to that is validating FreeBSD
itself.
This topic has come up countless times over th
On Thu, 1 Dec 2005, Peter Jeremy wrote:
But this assumes the signer trusts the FreeBSD.org security:
If you don't trust the FreeBSD Project you wouldn't run FreeBSD.
Without ssh access there's no way to insert a key into the CVS
repository.
Assuming no security holes in the infrastructure
FYI, since this is probably of interest to subscribers of this mailing list
also.
Robert N M Watson
-- Forwarded message --
Date: Wed, 1 Feb 2006 22:55:40 + (GMT)
From: Robert Watson <[EMAIL PROTECTED]>
To: Julian Elischer <[EMAIL PROTECTED]>
Cc: [EMA
On Tue, 14 Mar 2006, Dag-Erling Smørgrav wrote:
Timothy Smith <[EMAIL PROTECTED]> writes:
it can't be too hard to get on that list. windows 2000 is on there.
Very funny.
Getting a Common Criteria certification requires:
- a big wad of money
- lots and lots of very boring paperwork
- an eve
I've had an informal, third or fourth hand report of kernel instability when
running Tor under load on unidentified versions of FreeBSD. Obviously, this
is a bit vague as bug reports go, but I'm interested in seeing if anyone has
had real experience with this happening, and might be intereste
On Fri, 28 Apr 2006, John Pettitt wrote:
I've had an informal, third or fourth hand report of kernel instability
when running Tor under load on unidentified versions of FreeBSD.
Obviously, this is a bit vague as bug reports go, but I'm interested in
seeing if anyone has had real experience wi
On Sun, 30 Apr 2006, Andrej (Andy) Brodnik wrote:
However, on my 6.0 I wanted to install recently the WLAN card using ndis.
The card I wanted to use was dlink (AIRPLUS driver). The generation of the
driver using ndisgen went through smoothly, but when I wanted to load the
kernel module, the
On Mon, 1 May 2006, Peter Thoenen wrote:
It's a regression.
See: http://www.freebsd.org/cgi/query-pr.cgi?pr=95180
I am the tor-devel maintainer and not only do I get private emails about
this at least once a week, I am experiencing it myself and also hear about
it on both the OFTC and Freenod
On Mon, 1 May 2006, R. B. Riddick wrote:
--- Robert Watson <[EMAIL PROTECTED]> wrote:
It's a pity this wasn't brought to my attention sooner, or there might have
been a chance to work on it for 6.1-RELEASE, especially given that it sounds
like it has been a moderately long-
On Mon, 1 May 2006, Robert Watson wrote:
On Mon, 1 May 2006, Peter Thoenen wrote:
It's a regression.
See: http://www.freebsd.org/cgi/query-pr.cgi?pr=95180
I am the tor-devel maintainer and not only do I get private emails about
this at least once a week, I am experiencing it myself and also
On Wed, 3 May 2006, Borja Marcos wrote:
I've been looking at the different MAC modules available and how they could
help to implement a less insecure than usual shared hosting web server.
I think this sounds interesting :-).
I think the approach you've described sounds like the right sort of
On Fri, 26 May 2006, Jeremie Le Hen wrote:
first sorry for cross-posting but I thought this patch might interest
-CURRENT users as well as people concerned by security.
I wrote a patch that integrates ProPolice/SSP into FreeBSD, one step further
than it has been realized so far.
This looks
FYI for those working with audit and intrusion detection on FreeBSD.
Robert N M Watson
-- Forwarded message --
Date: Mon, 5 Jun 2006 17:01:04 +0100 (BST)
From: Robert Watson <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Heads up: OpenBSM 1.0a
Dear all,
I'm currently in the process of reviewing the use of the MAC Framework in
FreeBSD, following meetings at the developer summit about proposed
simplifications and enhancements. One of the on-going concerns I have had is
that several of the policies we ship are reference implementatio
On Fri, 11 Aug 2006, Poul-Henning Kamp wrote:
In my opinion the difference is that with NDA you place trust in a few
persons (the ones with the code), whilst with open source drivers the code
can be reviewed by all people with enough knowledge about the subject and
since peer review is an imp
Dear 6-STABLE users,
In the next 2-3 weeks, I plan to MFC support for CAPP security event
auditing from 7-CURRENT to 6-STABLE. The implementation has been running
quite nicely in -CURRENT for several months. Right now, I'm just waiting on a
confirmation from Sun regarding formal allocati
On Wed, 16 Aug 2006, Robert Watson wrote:
Dear 6-STABLE users,
In the next 2-3 weeks, I plan to MFC support for CAPP security event
auditing from 7-CURRENT to 6-STABLE. The implementation has been running
quite nicely in -CURRENT for several months. Right now, I'm just waiting
On Sat, 2 Sep 2006, Robert Watson wrote:
After a couple of weeks of settling, polishing, etc, the MFC of audit
support is about to begin. Over the next couple of days, the 6-STABLE build
may be briefly broken as inter-dependent components are merged. I do not
anticipate any serious
On Wed, 20 Sep 2006, Andrew Storms wrote:
A few weeks back Robert Watson announced the merge of these features from 7
back into 6-STABLE. I hadn't seen any updates and was curious as to the
status. Us 6-STABLE users are curious to test it out.
The MFC is largely complete, and we
Dear All,
Over the past week or so, I have spent some time updating Tom Rhodes'
excellent FreeBSD Handbook chapter on Audit for some of the more recent audit
changes, such as new features in more recent OpenBSM versions. Since FreeBSD
6.2-BETA2 contains what is likely the final drop of the a
On Wed, 11 Oct 2006, Garance A Drosihn wrote:
Your 4.x system is not going to die when we EOL 4.x. We're only
saying that it is not going to see any additional work on it in
the official FreeBSD repository.
Actually, we're not even saying that. We're just saying that it will no
longer be o
On Thu, 12 Oct 2006, Simon L. Nielsen wrote:
On 2006.10.12 10:59:18 +0300, Patrick Okui wrote:
One of my servers is colocated in a place on a different continent - which
is why I haven't been able to upgrade it beyond RELENG_4. Google turns up a
binary upgrade as the only way I can get to REL
On Thu, 12 Oct 2006, Chris Laco wrote:
Just a lurker, and FreeBSD users since late 3.0... From my personal
experience of (4) 4.x machines and (1) 5.x machine, all on the same
hardware, I've had more problems with my 5.x install than I ever did with my
4.x install. I'm afraid to even look to s
On Thu, 12 Oct 2006, Jeremie Le Hen wrote:
I am all for it.
According to this thread, it appears the 4.x branch is still used for
whatever reasons, may they be perceived good or bad depends on one's own
consideration and feeling. If the FreeBSD Project is going to relinquish
RELENG_4 suppo
On Tue, 17 Oct 2006, security wrote:
You'll have the sources. If you're using 4.11 in a business, you need to
decide if it's more cost effective to move on to 6 or hire someone to keep
4.11 running. There's compat_4 to keep most userland apps happy. I'm sure
you could argue the various d
On Thu, 19 Oct 2006, Paul Allen wrote:
While possibly not advisable in the long term, I ran a 4.x postfix and
cyrus server install on 6.x using compat4 for about six months without
problems. The place where it gets tricky is updating the 4.x binaries,
which requires a 4.x chroot, since I was
On Fri, 20 Oct 2006, Nikolay Pavlov wrote:
I am trying to implement a reverse proxy using squid with mac_portacl, but I
have a problem while binding squid to port 80. Did I miss something?
Did you set the IP stack's definition of reserved such that there are no
reserved ports, per the mac_porta
On Wed, 6 Dec 2006, Craig Edwards wrote:
Doesn't securelevel completely mitigate this even for root users anyway, if
set? Setting securelevel denies raw access to disk devices and kmem in this
way does it not?
Securelevel is intended to protect integrity and not confidentiality, so does
not
On Wed, 14 Mar 2007, Eygene Ryabinkin wrote:
Just spotted the new advisory from CORE:
http://www.securityfocus.com/archive/1/462728/30/0/threaded Not an
expert, but FreeBSD's src/sys/kern/uipc_mbuf2.c has very similar code.
Robert, anyone, could you please check?
Eygene,
Sorry for th
On Tue, 29 May 2007, zhouyi zhou wrote:
Where I am still confused:
1) Which area and direction should I focus. The security subsystem in
FreeBSD is large, which area deserves a testsuite in higher priority.
Off-hand, my feeling is I'd like us to consider three areas of testing:
- Correctn
On Sat, 14 Jul 2007, Alex Samorukov wrote:
I have some issues with OpenBSM which I cannot resolve, so I decided to ask
there.
1) I found some bugs in the auditreduce utility and created a patch for it -
http://www.freebsd.org/cgi/query-pr.cgi?pr=114534. Please, someone from
freebsd team - tak
On Sat, 14 Jul 2007, Garrett Wollman wrote:
<<[EMAIL PROTECTED]> said:
This is correct -- login services must be modified to properly set up user
audit state at login. I am not familiar with work relating to this with
xdm, kdm, gdm, etc, but it would be very good to see this happen.
Surely
On Fri, 5 Oct 2007, Colin Percival wrote:
Olli Hauer wrote:
I am missing the advisory for openssl at ftp://ftp.freebsd.org/CERT/
We stopped uploading advisories there because we kept on running into
problems with ftp mirrors being out of date, while we have complete control
over the security.
On Sat, 20 Oct 2007, Colin Percival wrote:
Robert Watson wrote:
On Fri, 5 Oct 2007, Colin Percival wrote:
ftp://ftp.freebsd.org/CERT/
We stopped uploading advisories there because we kept on running into
problems with ftp mirrors being out of date, while we have complete control
over the
On Tue, 20 Nov 2007, JP wrote:
--and--
Checking `lkm'... You have 131 process hidden for readdir command
chkproc: Warning: Possible LKM Trojan installed
I wonder if it's trying to use procfs, which isn't mounted by default in
FreeBSD, and as a result reporting that /proc is empty (which is
On Thu, 27 Dec 2007, Dag-Erling Smørgrav wrote:
Gunther Mayer <[EMAIL PROTECTED]> writes:
I've known about ProPolice/SSP for a while now (from the Gentoo world) and
am aware that FreeBSD 7.0 doesn't yet support it though I know of Jeremy Le
Hen's patches (http://tataz.chchile.org/~tataz/FreeB
On Wed, 2 Jan 2008, Anjang Aki wrote:
I've been looking for a proper way to track down user's activity inside
the shell as I'm helping my colleague to configure a web hosting and shell
hosting server.
Someone have referred me to this article --
http://bsdtips.utcorp.net/mediawiki/index.ph
On Tue, 5 Feb 2008, Zane C.B. wrote:
With unix domain sockets, unix(4), are LOCAL_CREDS actually supported or
not?
I've been trying to fetch this from within a Perl script using 'my
$local_creds=$some_connection->sockopt(LOCAL_CREDS)', but all I keep getting
is a undefined variable in return
On Tue, 5 Feb 2008, Zane C.B. wrote:
On Tue, 5 Feb 2008 13:21:10 -0200 Fernando Schapachnik
<[EMAIL PROTECTED]> wrote:
In a previous message, Zane C.B. wrote:
With unix domain sockets, unix(4), are LOCAL_CREDS actually supported or
not?
I've been trying to fetch this from within a Per
On Fri, 15 Feb 2008, Borja Marcos wrote:
I'm trying to set up a DNS server under FreeBSD using the mac_biba policy. I
use to run bind in low-integrity mode, so that neither it nor any of its
descendants can modify configuration files, etc.
With previous FreeBSD versions there was a handy sysct
On Sun, 17 Feb 2008, Jim Bryant wrote:
FYI: The system assigned kern/120781 to this bug report.
IMHO, a security advisory should be issued ASAP.
Thanks for the report, I'm sure your widely distributed e-mail will get
someone looking at it quickly. In the future if you run into an issue you
On Mon, 18 Feb 2008, Robert Watson wrote:
Hopefully this bug will get resolved shortly, and then we can evaluate if an
errata notice is necessary.
FYI, I have been unable, thus far, to reproduce it with 150,000 entries in the
root of a test file system on an 8.x kernel. I'm not set
On Mon, 18 Feb 2008, Daniel Corrigan wrote:
Since this was released to a public mailing list, I can only assume some
less than nice user will attempt this. The only top level file system I have
that can be written to by normal users is /tmp
Should clear_tmp_enable="YES" in /etc/rc.conf preven
On Thu, 17 Jul 2008, Patrick Proniewski wrote:
Absolutely. Right now, I use different logins for different things (casual
web surfing, financial stuff, and work), but it's inconvenient and far from
foolproof.
Capabilities or MAC systems could be used here -- someone just has to put
in the
On Thu, 17 Jul 2008, Tim Clewlow wrote:
The "One Laptop Per Child" organisation seem to be taking the sandbox/jail
concept to its extreme in an attempt to neuter viruses. In FreeBSD terms,
they appear to be insisting that each user application on the laptop be run
in its own jail.
http://ne
On Fri, 18 Jul 2008, Lyndon Nerenberg wrote:
It's sad people don't pay more attention to Plan 9. Namespaces go a long way
towards solving this problem in a manner that's completely transparent to
the application, and trivial for the end-user to configure and use.
See:
http://plan9.bell-labs.
On Thu, 24 Jul 2008, Kostik Belousov wrote:
Lots of people care a lot about plan9. The problem is that it's a lot like
UNIX. UNIX presupposes lots of special-purpose applications doing rather
specific and well-defined things, and that is a decreasingly accurate
reflection of the way people
On Fri, 8 Aug 2008, Oliver Fromme wrote:
Andrew Thompson wrote:
> Pete French wrote:
> > > The bce driver is not properly generating link state events.
> >
> > OK, that explains why it doesn't failover - but why does looking at it
> > with ifconfig make a difference ? surely that should be 'rea
On Thu, 28 Aug 2008, Boris Kochergin wrote:
Hi, list. A few years ago, there were plans to add an option to the
filesystem ACL implementation that would allow ACLs to override umasks when
creating files. I haven't been able to find anything else conclusive on the
matter and was wondering if i
On Sun, 31 Aug 2008, tethys ocean wrote:
In server jail and squid is running on it as lots of another packet. I want
to extract an ISO image in this server. But I haven't done it.
You are correct that direct manipulation of md(4) devices is not allowed in
jail. However, you may be running on a v
On Wed, 3 Sep 2008, FreeBSD Security Advisories wrote:
The mount(2) and nmount(2) system calls are used by various utilities in the
base system to graft a file system object on to the file system tree to a
given mount point. It is possible to allow unprivileged users to utilize
these syste
On Sat, 13 Sep 2008, mouss wrote:
A quick search doesn't show me any port for enforcing password age. For
what it's worth, I once emailed Bruce Schneier about the effectiveness of
that and he said he never changed his passwords (based on age, anyway).
But there's probably something.
Given th
On Thu, 25 Sep 2008, Attila Nagy wrote:
Running RELENG_7 (and HEAD too), and I can't find the auditpipe device. Is
there anything which should be set in order to make it useable?
auditd runs and logs to /var/audit, which I can read with praudit.
(Following up to the list because Attila and
On Thu, 5 Feb 2009, Borja Marcos wrote:
I'm trying to upgrade the configuration of some web services, already using
the MAC subsystem, to use ZFS instead of UFS, but I see that ZFS doesn't
support MAC labels, even for a whole filesystem, which would be fine for me,
I don't need multilabel sup
On Mon, 9 Feb 2009, Borja Marcos wrote:
On Feb 7, 2009, at 11:21 PM, Robert Watson wrote:
I'm trying to upgrade the configuration of some web services, already
using the MAC subsystem, to use ZFS instead of UFS, but I see that ZFS
doesn't support MAC labels, even for a whole
On Sun, 1 Mar 2009, Paige Thompson wrote:
I would like to know that there is or is not a way to prevent users from
executing binaries that are not owned by root or that the user is in a
particular group. Is this something I can achieve with TrustedBSD's MAC
framework?
Hi Paige--
The ugidfw
On Sat, 7 Mar 2009, Zahemszky Gábor wrote:
I have two simple questions about the Mandatory Access Control framework of
FreeBSD:
a) what has happened with the SEBSD module? When will be available (or will
it be at all) in the system (or can I find one for an up-to-date kernel: 7.x
or up)?
b
On Wed, 18 Mar 2009, Gabriele Modena wrote:
2009/3/17 Robert Watson :
Right now no one is maintaining the SEBSD module; this is unfortunate, but
largely a property of people having enough time. If this is something you
can contribute to (or anyone else who's interested) I'm happy
On Tue, 15 Sep 2009, Pieter de Boer wrote:
Given the amount of NULL-pointer dereference vulnerabilities in the FreeBSD
kernel that have been discovered of late, I've started looking at a way to
generically protect against the code execution possibilities of such bugs.
By disallowing userland
On Tue, 15 Dec 2009, Michal wrote:
On 10/11/2009 in "HEADS UP: Important bug fix in ZFS replay code!" post on
freebsd-fs PJD wrote: "There was important bug in ZFS replay code. If there
were setattr logs (not related to permission change) in ZIL during unclean
shutdown, one can end up with fil
On Wed, 7 Apr 2010, Xin LI wrote:
It looks like that we have:
KASSERT(td == curthread, ("priv_check: td != curthread"));
In priv_check(). I'm wondering why we need this assertion? i.e. why don't
we just do priv_check(int priv) and use curthread instead?
Historically, we did allow
On Fri, 30 Jul 2010, Selphie Keller wrote:
Kernel module for chmod restrictions while in securelevel one or higher:
http://gist.github.com/501800 (fbsd 8.x)
Was looking at the new recent sendfile/mbuf exploit and it was using a
shellcode that calls chmod syscall to make a setuid/setgid binar
For those following security and access control in FreeBSD, this may be of
interest. We'll have updated patches for Capsicum available for FreeBSD 8.1
in the next week or so. Feedback on the approach would be most welcome!
Robert N M Watson
Computer Laboratory
University of Cambridge
-
On Fri, 13 Aug 2010, Hugo Silva wrote:
For those following security and access control in FreeBSD, this may be of
interest. We'll have updated patches for Capsicum available for FreeBSD
8.1 in the next week or so. Feedback on the approach would be most
welcome!
Very nice. I am looking for
On Wed, 1 Sep 2010, Hans Petter Selasky wrote:
- Or whatever other method to get ISDN back in kernel ?
It seems code exists :-)
http://old.nabble.com/ISDN4BSD-on-8-current-td23919925.html
ISDN4BSD package has been updated to compile on FreeBSD
8-current
http://www.sel
On Wed, 8 Sep 2010, Vadim Goncharov wrote:
Which part of "support for the Giant lock *over the network stack* was
removed" [emphasis mine] do you not understand?
No, component removed was (1), I've underlined.
The reason is performance for overall network stack, not ideology.
For a practi
Dear all:
Some of you will have spotted Cambridge's "Capsicum" paper in the USENIX
Security proceedings this summer, and presented previously at the Cambridge
and Ottawa FreeBSD developer summits. We are in the throes of preparing basic
kernel support for Capsicum to merge to the FreeBSD tre
On Sun, 30 Jan 2011, Mark Murray wrote:
Just as a first cut, I'm going to "FreeBSD-ify" the code, to get it up to
our style(9) standards. Apart from stylistic issues, we already have SHA256
and SHA512 in our libraries, and they don't have alignment issues, So I'll
use them instead. You've don
On Wed, 29 Jun 2011, Stacey Son wrote:
I'm trying to use audit, and have some problems. First one is impossibility
to create custom event class, and second one I hit is with auditreduce(1)
auditreduce doesn't filter events by date (-b/-a/-d options with any
arguments produces empty output),
freebsd-security folk may also be interested in this forthcoming addition to
OpenBSM from Pawel. I plan to cut a new OpenBSM alpha rev with auditdistd in
the next couple of days.
Robert N M Watson
Computer Laboratory
University of Cambridge
-- Forwarded message --
Date: Wed,
On Wed, 12 Jun 2013, Dewayne Geraghty wrote:
I've created a patch for libarchive that allows storing and restoring MAC
labels from/to a multilabel filesystem using bsdtar. Now before going
anywhere with this I had a few questions:
...
Thank-you for addressing a significant backup/recovery
75 matches